Code: Select all
<?php
session_start();
require '/path/to/db_connect.php';
require '/path/to/functions.php';
require '/path/to/constants.php';
?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Banner Page</title>
</head>
<body topmargin="0" leftmargin="0">
<?php
if(!is_logged_in())
{
die('If you see this, report E01 in a support ticket.');
}
$banner_id = mysql_real_escape_string(stripslashes($_GET['banner_id']));
$bannerr = mysql_query("SELECT `id`,`img`,`url`,`alttext` FROM `banners` WHERE `id` = '$banner_id' LIMIT 1") or die(mysql_error());
if($bannera = mysql_fetch_assoc($bannerr))
{
echo '<a href="banner-click.php?banner_id=' . $bannera['id']
. '&landing_page=' . urlencode($bannera['url'])
. '" target="_blank" onmouseover="window.status = \'\'; return true;"><img src="'
. $bannera['img'].'" alt="'.$bannera['alttext'].'" width="468" height="60" border="0" /></a>';
} else
{
echo ' ';
}
?>
</body>
</html>I don't understand it.
Here is the is_logged_in() function (which doesn't explain why it would let them on one page but not load the banner iframe) just in case.
Code: Select all
function is_logged_in()
{
if(!empty($_SESSION) && !empty($_SESSION['logged_in']) && ($_SESSION['logged_in'] == true))
{
return true;
} else
{
return false;
}
}EDIT| Or perhaps the session file is locked because the parent page has it open and the call to session_start() fails inside of the iframe?
EDIT 2| Okay, now that I've read the manual page for session_write_close(), I am pretty sure that the session can't be written to (or read from) until the lock on the session file has been released.
So I'm wondering how to check if there is a lock on the file inside of the banner iframe script? I don't want to use sleep() or usleep() inside of the iframe to provide a noticeable delay.